- From: Yngve Nysaeter Pettersen <yngve@opera.com>
- Date: Wed, 05 Sep 2007 16:43:07 +0200
- To: public-wsc-wg@w3.org
Hello all, Here are the document I suggest we should reference about keysizes: * NIST: http://csrc.nist.gov/CryptoToolkit/kms/SP800-57Part2April2005.pdf base reference: http://csrc.nist.gov/CryptoToolkit/tkkeymgmt.html * The ECRYPT Yearly Report on Algorithms and Key Lengths: (2006 edition) http://www.ecrypt.eu.org/documents/D.SPA.21-1.1.pdf Main page: http://www.ecrypt.eu.org/ " European Network of Excellence for Cryptology is a 4-year network of excellence funded within the Information Societies Technology (IST) Programme of the European Commission's Sixth Framework Programme (FP6)" I think the should be a suggestion that implementers should, when possible, follow the most pessimistic recommendation. Example: NIST still recommends 1024 bit RSA until 2010, ECRYPT only recommended this until end of 2006. Possible additional reference: * NESSIE: https://www.cosic.esat.kuleuven.be/nessie/deliverables/decision-final.pdf From https://www.cosic.esat.kuleuven.be/nessie/ : "NESSIE is a project within the Information Society Technologies (IST) Programme of the European Commission" Background/other references: * RFC 3766: http://www.ietf.org/rfc/rfc3766.txt * The Twirl document: http://www.rsa.com/rsalabs/node.asp?id=2004 -- Sincerely, Yngve N. Pettersen ******************************************************************** Senior Developer Email: yngve@opera.com Opera Software ASA http://www.opera.com/ Phone: +47 24 16 42 60 Fax: +47 24 16 40 01 ********************************************************************
Received on Wednesday, 5 September 2007 14:43:36 UTC